If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Uberscan, a multi-protocol brute-force pentesting program in perl

Hello everyone! I've recently developed a pentesting program that scans IPs wardialler-style and tries to brute-force them in various protocols such as Telnet, SSH, POP3, FTP and HTTP challenge. It also searches for anonymous FTP servers and tests for the antique sendmail bug, the sendmail verify function and for basic SMTP vulnerability to spammer abuse. Oh and it can search for specific open ports as well (a bit like nmap but cruder).

All disclaimers apply - it is absolutely not to be used for nefarious or illegal purposes.

I'd love to see what people think. It's only version 1.0 so some of the features are a little crude - but it definitely does work. If there's interest I plan to develop it further and add more features - currently it can scan IP ranges, lists of IP address, random IPs and random IPs within IP blocks (albiet crudely, as I said - it's only version 1.0). It doesn't save the current session but it can output to CSV format as well as to text files at various levels of verbosity.

I imagine it would be quite useful if you're setting up a network with lots of IoT devices and want to see how vulnerable they are without exposing them to the nasty stuff out there... I'm also currently working on a honeypot program that shows you, in real-time, the kind of stuff that will try to connect to you if you leave ports open - quite useful for educating yourself about what's happening, malware-wise. If I get a good response and lots of interest from Uberscan I guess I'll be ready to put that up soon as well.